<?php

$section = "login";

$titre = _LB_LOGIN;
$smarty->assign("titre", $titre);

Session::setBackLink("login");

$smarty = DRX::load("smarty");

$return_link = Request::get('return_link');

// get tranform info, this info appears when transforming to another user
$transform_act = Request::getIntNumber('act');

// get tranform_to_id, this info appears when transforming to another user
$transformed_id = Request::getIntNumber('id');

// get reige id
$regie_id = Request::getIntNumber('rid');

// get salt_value
$salt_value = Request::get('sno');

// get reborn info, this info appears when transforming back to original user_type
$reborn = Request::getIntNumber('reborn');

$login = new Login();

if (!isset($_POST["login"]) && $transform_act == 0 && $transformed_id == 0) {
	$_SERVER['REQUEST_URI'] = urldecode($_SERVER['REQUEST_URI']);
	$pos = strpos($_SERVER['REQUEST_URI'],'=');
	$return_link = substr($_SERVER['REQUEST_URI'],$pos+1);
	$smarty->assign("return_link", $return_link);
	$smarty->display('login.html');
}
else {
	// check if user login is deactivated or not
    
    
    
    
	if (isset($_POST['login']) && $login->isDeactivated($_POST['login']))
	{
		$errors[] = _LB_ACCOUNT_DEACTIVATED;
		$smarty->assign("message_error", $errors);
		$smarty->assign("login", $_POST['login']);
		$smarty->display('login.html');
		exit();
	}

	//check user login
	$acces = null;

	// whether or not this is a TRANSFORM ACTION
	if ($transform_act == ACT_TRANSFORM && $transformed_id != 0 && isset($_SESSION["is_regie"])
		&& ($_SESSION["is_regie"] == ADMIN_SUPPORT || $_SESSION["is_regie"] == ADMIN_SFR) )
	{
		// get the real owner info, if this is REGIE, his owner is SUPPORT.
        
		if (!isset($_SESSION['old_user_info']))
		{
			$regie_id = $_SESSION['userID'];
		}
		else
		{
			// use LOGIN.ID of SUPPORT
			$regie_id = $_SESSION['old_user_info'];
		}

		// check by ID
		$acces = connecter_utilisateur_byID($transformed_id);

		if ($acces <> null)
		{
			if (Login::isPassTransformRule($acces))
			{
				$salt_value = new Login();
				$salt_value->get($regie_id);

				// if next user is not REGIE
				if ($acces->IS_REGIE == 0)
				{
					// save new SALT_VALUE for current REGIE
					$salt_value->updateNewSaltValue();

					// create parameter string
					$str_params = '&rid=' . $salt_value->ID . '&sno=' . $salt_value->SALT_VALUE . '&id='. $transformed_id;

					// free all SESSION variables
					// session_unset();

					// redirect to FO
					redirect(APPLICATION_FO_URL . '/login/login/?act=' . ACT_TRANSFORM . $str_params);
				}
				else
				{
					// set $salt_value->ID to SESSION
					$_SESSION['old_user_info'] = $salt_value->ID;
				}
			}
			else
			{
				redirect(Utils::getHomeLink());
			}
		}
	}
	else if ($transform_act == ACT_RETRANSFORM)
	{
		if ($regie_id != 0 && $salt_value != '')
		{
			// get salt_value of Regie
			$regie_salt = new Login();
			$regie_salt->get($regie_id);

			if ($regie_salt <> null && $regie_salt->SALT_VALUE == $salt_value)
			{
				// free all SESSION variables
				session_unset();

				// check by ID, in this case, REGIE back to REGIE page
				$acces = connecter_utilisateur_byID($regie_salt->ID);

				// set SALT_VALUE to NULL
				$acces->SALT_VALUE = 'NULL';
				$acces->update();
			}
		}
		else if (isset($_SESSION['old_user_info']))
		{
			// get old_user_info from SESSION scope
			$old_user_info = $_SESSION['old_user_info'];

			// check by ID
			$acces = connecter_utilisateur_byID($old_user_info);

			// free all SESSION variables
			session_unset();
		}
	}
	else if (isset($_POST["login"]) && isset($_POST["pwd"]))
	{
		// free all SESSION variables
		session_unset();
		Session::setBackLink("login");

		// check and use SHA1 to encode password
		$acces = connecter_utilisateur($_POST["login"], $_POST["pwd"]);

	}
	if ($acces <> NULL)
	{
		$acces->updateLogin();

		$_SESSION["userID"] = $acces->ID;
        $_SESSION["userClasse"] = "user_admin";
        $_SESSION["is_admin"] = TRUE;
        $_SESSION["test"] = "HELLO !!!!!!";
        
		//serialize current user
		$_SESSION['user_serialize'] = serialize($acces);

		if (!isset($_SESSION['url_demande']) || $_SESSION['url_demande'] == '')
		{
			$_SESSION['url_demande'] = $tab_pages[$_SESSION["userClasse"]]["main_link"];
		}

		if( $return_link == '')
		{
            
			redirect($_SESSION['url_demande']);
		}
		else
		{
			redirect($return_link);
		}
	}
	else
	{
		if (isset($_POST["login"]))
		{
			if ( isset($acces) && (!$acces->isAllowedAccessProject()) )
			{
				$errors[] = _LB_NOT_GRANTED;
			}
			else
			{
				$login->increaseLoginAttempts($_POST['login']);
				if ($login->isDeactivated($_POST['login']))
				{
					$errors[] = _LB_ACCOUNT_DEACTIVATED;
				}
				else
				{
					$errors[] = _LB_INVALID_LOGIN_OR_PASSWORD;
				}
			}

			$smarty->assign("message_error", $errors);
			$smarty->assign("login", $_POST["login"]);
		}

		$smarty->display('login.html');
	}
}